Information Technology Reference
In-Depth Information
•
Policies that comply with information security policy, standards and
regulations should be developed for all managers and senior managers.
•
Interoperability of information security functions with other critical assets
and functions should be provided to improve information security and
privacy policies and applications.
•
Education and training programs should be implemented for all employees.
Results about processes show that, information security, privacy programs and
performance metrics should be completely evaluated and tested for each business
unit. Additionally, policy development and update analysis should be entirety
implemented.
Technological approaches are another stronger side of the defense industry
organization. Assessments reflect that an authentication system that can be applied to
higher levels of authentication to protect resources should be implemented. Data
encryptions and associated encryption keys should be protected via new information
security approaches as well.
References
1.
Blackley, B., McDermott, E., Geer, D.: Information Security is Information Risk
Management. In: Proceedings of the 2001 Workshop on New Security Paradigms, pp. 97-
104. ACM, New York (2001)
2.
Canbek, G., Sağıroğlu, Ş.: Bilgi, Bilgi Güvenliği ve Süreçleri Üzerine Bir Inceleme [An
Evaluation on Information, Information Security and Processes]. Politeknik Dergisi 9(3),
165-174 (2006)
3.
Doğantimur, F.: ISO 27001 Çerçevesinde Kurumsal Bilgi Güvenliği [Organizational
Information Security within the Framework of ISO 27001]. Unpublished thesis of
professional competence, Ministry of Finance (2009)
4.
Vural, Y., Sağıroğlu, Ş.: Kurumsal Bilgi Güvenliği ve Standartları Üzerine bir İnceleme [A
Review on Organizational Information Security and Standards]. Gazi Üniversitesi
Mühendislik ve Mimarlık Fakültesi Dergisi 23(2), 507-522 (2008)
5.
DPT: e-Dönüşüm Türkiye Projesi Birlikte Çalışabilirlik Esasları Rehberi [e-
Transformation Turkey Project Principles of Interoperability Guide]. Devlet Planlama
Teşkilatı, Ankara (2005)
6.
DPT: Bilgi Toplumu Stratejisi Eylem Planı (2006- 2010) [Information Society Strategy
Action Plan (2006- 2010)]. Devlet Planlama Teşkilatı, Ankara (2006)
7.
Bilisim 2023 Derneği,
http://bilisim2023.org/index.php?option=
com_content&view=article&id=189:tuerkyede-blg-guevenl-
yatirimlari-artiyor&catid=7:goerueler&Itemid=18
8.
Thomas, G.: A Typology for the Case Study in Social Science Following a Review of
Definition, Discourse and Structure. Qualitative Inquiry 17(6), 511-521 (2011)
9.
Zainal, Z.: Case Study as a Research Method. Jurnal Kemanusiaan Bil 9, 1-5 (2007)
10.
Scarfone, K., Souppaya, M., Cody, A., Orebaugh, A.: Technical Guide to Information
Security Testing and Assessment: Recommendations of the National Institute of Standards
and Technology. U.S. Department of Commerce, Gaithersburg (2008)
11.
Risk Assessment Toolkit,
http://www.cio.ca.gov/OIS/government/
risk/toolkit.asp
Search WWH ::
Custom Search